Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

How to Deal with Reverse Domain Name Hijacking

1. Introduction The fact that one owns a trademark which is identical or confusingly similar to a domain name does not necessarily mean that she is entitled
Read More
Article

MOOSE Malware: Analysis

Part One of this series was a very basic level, and had only thrown light on what Moose Malware actually is, as well as its components and related IoC's. In
Read More
Article

Social Engineering - A Case Study

In this article, I am going to illustrate a real life social engineering hack that I did for my friend. He saw some property ads online; he filled out the qu
Read More
Article

The Top Five Cyber Security Vulnerabilities

Introduction In the last weeks, the hack of the Federal Office of Personnel Management (OPM), apparently tied to Chinese sponsored hackers, raised the discus
Read More
Article

Win32/Lethic Botnet Analysis

Introduction Lethic is a spam botnet consisting of an estimated 210 000 - 310 000 individual machines which are mainly involved in pharmaceutical and replica
Read More
Article

Office 365 Compliance Matrix

When people find out what I do for a living, they often ask if I think the Cloud is secure. We’ve written about this before and my response is along the line
Read More
Article

Content Security Policy

The entire web application security model is built on the idea of "Same Origin Policy" which restricts the content of one domain being accessed by another do
Read More
Article

Introduction to Reverse Engineering

In computing, reverse engineering is the process of understanding how things work and reusing the information to do something. This is applicable even to And
Read More
Article

Cyberspace : A Fast-growing Area of Crime

Caught in a growing Internet community, many users have already seen the downside of being dependent on the web for many daily activities. Many may have been
Read More
Article

Firefox Plug-ins a Security Engineer Needs to Know

Plug-ins are programs that runs within software, which can improve the features of software. For example, a browser could be simply used for browsing purpose
Read More
Article

Securely Managing Public/Private Keys for Cloud Services

Introduction In our daily lives, there are many services with which we have to use authentication in order to get access; be it personal services like our cl
Read More
Article

Secure Your Application Using .htacess File

What is Wordpress? WordPress is a free, open-source blogging tool and content management system (CMS) based on PHP and MySQL. Features include a plugin archi
Read More
Article

Interview: Chris Rouland

Chris Rouland is a 25-year veteran of the information security industry and a valued member of the Atlanta technology community. Chris has founded several co
Read More
Article

Identifying Vulnerable Code

No matter how much care you take during development of any software, security issues creep in. Hence, it is important to get the code reviewed for security l
Read More
Article

n00bz CTF Challenge #2: Practical Website Hacking

In the second edition of our n00bs CTF Labs, we've created 13 small challenges to test your web app hacking skills. The challenges are based on common vulner
Read More
Article

MOOSE Malware: Basics

In this article series, we will learn about a famous Linux family of malware known as MOOSE, which is used to steal unencrypted traffic over the wire and inf
Read More
Article

Netcat uses

Netcat is one of the most common tools used by hackers to exploit systems. It runs on a variety of systems including Windows, Linux, Solaris, etc. Netcat com
Read More
Article

Transition of ISO 27001: 2005 to ISO 27001: 2013

ISO 27001 is an international standard published by the International Standard Organization (ISO). This standard acts as a specification for an information s
Read More
Article

Interview: Darren Guccione, Co-founder of Keeper Security

Darren is the co-inventor of Keeper Security and started the company with extensive experience in product design, engineering and development. At Keeper, Dar
Read More
Article

Analyzing and writing a local exploit

So far, in the previous articles, we learnt how to exploit an application remotely. We ran the Python script directly on the Machine B, which was the attacke
Read More
Article

Interview: Dr. Engin Kirda

Dr. Engin Kirda is the Co-Founder & Chief Architect of LastLine and research professor at Northeastern University and the director of the Northeastern In
Read More
Article

Enhancements in Damn Vulnerable iOS app version 2.0

In this article, I would like to give a quick walkthrough of the new vulnerabilities and challenges that we have added in version 2.0 of Damn Vulnerable iOS
Read More
Article

Malware Researcher’s Handbook: Introduction

All the Stuff  You Know Before Starting Research Malware research contains a lot of information like reverse engineering, exploit-kit, exploit analysis, botn
Read More
Article

Card fraud in the deep web

The majority of activities related to credit card fraud are made in the underground forums and specialized hidden services in the deep web. These environme
Read More